This notice describes how we collect and process users’ data by Mimi Hearing Technologies Gmbh through https://mimi.io
website, Mimi Hearing Test mobile application (“Mimi App”), and Mimi Software Development Kit (“SDK”) that is provided as an in-built feature in the products of our partners. The terms “we”, “us”, “our” refer to “Mimi Hearing Technologies GmbH”, a German company with limited liability. If you would like to access our Terms of Service, please visit the following link: https://www.mimi.io/en/terms
We are committed to safeguarding the privacy of our users. We will not misuse your data.
From the data protection perspective, we act as a data controller for the information collected through the website, Mimi App, and SDK. You can contact us at:
Mimi Hearing Technologies GmbH
Registered address: Boxhagener Str. 82, 10245 Berlin, Germany
Contact email address: firstname.lastname@example.org
You may also contact our appointed Data Protection Officer:
TechGDPR DPC GmbH
Prenzlauer Allee 53, 10245 Berlin, Germany
1. Acceptable Age
We do not intend to collect nor process the data of individuals under 18 years old. Only individuals who are already 18 years old may use the Hearing Test and provide information to us. If we become aware that someone under the age of 18 has provided or attempted to provide us their personal data and/or registered an account, we will use our best efforts to remove the information permanently from our files and delete this account.
2. Information we collect from you
The following data points are collected from you when you leave your inquiry on the website: full name, email address, subject and content of the message. You can always contact us directly by email, in which case we will collect your email address and the content of your message. We will use this information to reach out to you and help you with your inquiry. We can also use the content of your request to improve our products and services or analyse our marketing efficiency if it contains valuable information.
When you subscribe to our newsletter through the website, we collect your full name and email address. We use this information to prepare, personalise (by including your name) and send our newsletter to you.
Mimi App and SDK
Taking a hearing test
When you access the Mimi App or SDK, you can take the hearing test without registering an account. We will assign a randomly generated ID to you, which will allow us to distinguish your records from others, but at this point does not allow us to understand who you are in any way. Therefore, we consider your test results being anonymised unless you register the account. After you create the user account, we will collect your explicit consent to process test results as health data to store and provide them to you along with your account data.
Before conducting the test, we will collect your year of birth to compare your results against the average of your age group.
When you use the Mimi App, you will also be asked to provide your gender and country of residence. We use this information to calibrate the settings of the hearing test.
Hearing test data
During the test, we will collect the following data points from you: test type you take (Pure Tone Threshold Test / Masked Threshold), raw test results, including hearing performance indicators (frequency, in hertz) on which you responded to the test using your left and right ears, 5-degree scale interpretation of the test results, date and time when you take the test, and an average ambient noise over time during the test. When you choose to undergo a Pure Tone Threshold Test, we also collect and further provide to you your audiogram.
To calibrate your test results based on the settings of your device, we also collect details about your device: operating system and its version, App/SDK version installed on the device, headphone connection types, and a region where your phone is set to. We collect the data points described above:
- to provide you with hearing tests and calibrating the results in accordance with your device setting;
- to improve the quality of our services;
- in the case of necessity, to share your details with our internal Safety officer, who ensures compliance with relevant safety law requirements; and
- for scientific and other research purposes;
- to share your hearing test results with the partner that integrates our SDK in their products. This is done to personalise the sound on the device of our partner that you use.
Please note, that unless you register the account, we are unable to identify you. Thus we consider the data being anonymous at this point. As such, your test data can be kept for an indefinite period of time as long as it is anonymous.
Account registration and maintenance
After you take the test, you can register an account to keep, export and later access your hearing test results. For this purpose, we will collect your email address, password, and nickname to assign them to your user ID.
As soon as you create the account, we will be able to identify you and thus our activities will be considered personal data processing. We use your account information to:
- create and maintain your user account, including securing the access to it by password;
- allow you to access your historical hearing tests, switch devices, delete and export your test results from the Mimi App and other devices implementing the SDK;
- contact you regarding the work of Mimi and/or your account;
- provide you with technical support;
- where requested, provide your hearing test results to you via email;
- based on your consent, to send you marketing emails;
In certain implementations of SDK into the products of our partners, you will also be able to make your account data accessible to your relatives via the multiple profiles feature. Please note that in such a case your hearing test data will be accessible for other profiles. Joint controllership. When you create an account, the data is shared with our subsidiary company Mimi Health GmbH as a joint controller. The account you create through the Mimi App or non-medical SDK can in future be used as the account for HTS-01, a medical software device for taking hearing tests, provided by Mimi Health GmbH. The account data will also be used for joint research and improvement activities. We are ultimately responsible for managing and administering the database with your account data. We ensure the technical and organisational measures for protecting the data, conclude agreements and manage relationships with service and software providers to maintain the database, and provide technical support to the users.
You can exercise your rights regarding the account by contacting us directly. Please note that you may also exercise your rights by contacting Mimi Health GmbH:
Mimi Health GmbH
Address: Boxhagener Str. 82, 10245 Berlin, Germany
Email address: email@example.com
Jointly with Mimi Health GmbH, we will store your account data for as long as you use our services and have the account. We will delete your data 365 days after your last user session.
Through the Mimi App, we conduct different surveys for our research and improvement purposes. When you access the Mimi Hearing Test Survey, we will ask you to provide the following data points:
- your age category;
- operating system of your device;
- the way how you learned about the Mimi Hearing Test;
- the reasons why you decided to use the app;
- what aim you pursue by using the app;
- your satisfaction of using the app;
- your reaction to the situation where the app is no longer available;
- feedback in plain text. When you use the Mimi App, we also collect analytical information about the way you use the application. You can learn more about this activity in the “Analytics” section of this notice.
IP logs/Crash Logs data
During your use of the SDK and Mimi App, we collect IP logs and Crash Logs from your device. As we are continuously testing the application, certain traffic is collected automatically. The data categories we receive may include the model of the device, operating system version, country of geolocation, user ID, date, time, and duration of the user session, pages viewed, buttons clicked, error code, and error message. This data is collected by the App Store and provided to us in an aggregated way, without the possibility of identifying a particular user. We use this data for debugging, quality management, and app improvement purposes.
Communications with us
Occasionally, we collect user feedback and provide technical support if you have any inquiries regarding the work of our SDK or Mimi App. We use this information to provide you with the help you might need, fix and improve our services, and analyse our efficiency in marketing and product efforts, including by creating statistics of inquiries. We will store your communications with us for our legitimate interests and further analysis for the same period as for your account data. If you did not register the account, we will store the data for 365 days after the last communication with you. If we need to further use this information, we will fully anonymise it first.
3. Legal basis for processing
Performance of Contract
We process your hearing test results and account data, requests for technical support, and your communications with us to provide you with the app services. Without this information, we will be unable to provide you with the full SDK/Mimi App functionality.
For the e-mails with our newsletters, announcements, and other offers (marketing emails) and analytics cookies on our website, we will obtain the consent from you first, which serves as a legal base for the processing of your information.
We process your inquiries left by email and subscription to our newsletter left on the website, as well as the surveys you undergo through the Mimi App, because you provided them entirely voluntarily, i.e. based on your consent. If you would like us to contact you for further studies and research, you can also give your consent to this activity through the Mimi App. If you create the account, we will also ask for your consent to connect your account with test results and allow you to access them along with the account data. You can withdraw your consent at any time by contacting us directly. The withdrawal will not affect the lawfulness of processing based on consent before. You can also opt-out from the e-mail subscription by clicking the appropriate button in our emails to you.
For improving the quality of the SDK and Mimi App, as well as debugging its work, we process your test results, IP and Crash Logs, as well as the content of your inquiries, in our legitimate interests. We will also process your hearing test results for research purposes in our legitimate interests. We will ensure that suitable safeguards, such as pseudonymisation of your data, will be in place, if the test results are already tied to your account.
If we are subject to any legal requirements to retain the health data of our users, we will process the collected details to comply with law requirements. The example of such a situation will be the reporting of your data and/or request to our Safety Officer and their team, who are responsible for handling emergency situations connected with the use of the Hearing Test. In this scenario, the legal ground for the processing will be compliance with our legal obligations.
4. Third-party Access to Information
Partner organisations that integrate SDK
The partners that integrate our SDK into their products often ask us to share your hearing test results for their internal business purposes.
Third-party service providers
The following categories of third-party providers are used to enable the work of Mimi products:
- Email notification provider;
- Client Relationship Management software provider, by means of which we manage our communications with users;
- Providers of website analytics and user session recordings;
- Cloud storage providers. The involvement of email notification and cloud storage providers implies the transfer of personal data outside of the European Economic Area. To ensure compliance with data protection requirements on international transfers, the Standard Contractual Clauses (SCC) as adopted by the European Commission are signed with these providers. If you would like to obtain a copy of the SCC signed with the service providers, feel free to contact us by the means provided at the beginning of this document.
Please note, that the third-party providers can only process your data on our behalf and do not use it for their own purposes.
Apple Health and Health Kit
Mimi will not exchange any personal data with the Apple iOS Health app without the prior consent of the user. If the user has given their consent, the Mimi App can interact with the iOS Health app from Apple on the user’s iOS device and import data (age / gender) and export (hearing test data). The user can currently import their age and gender from the Apple Health app into the Mimi App. Age and gender are only used to personalise our service. The user can also export their audiogram data from the Mimi hearing test app to the Apple iOS Health app.
The Company uses analytic services to collect details of the Website use, including, but not limited to traffic data, location data, length visit, other communication data, IP address, device information (such as hardware model, operating system version, unique device identifiers). In aggregated form, this information allows us to analyze the popularity and usability of the Website.
Non-Personally Identifiable Information can be collected and processed on the Website by Google Analytics in an anonymized and aggregated way to improve Website usability and for marketing purposes.
For more information on the privacy practices of Google, please check its Policies at www.google.com/analytics/policies/
We have activated the IP anonymisation function on our website. As a result, your IP address will be shortened by Google within EEA countries before it is transmitted to the USA. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.
For the Mimi App, we use Mixpanel, a service offered by Mixpanel Inc. (www.mixpanel.com) (“Mixpanel”), to collect user data from the applications in order to better understand how users are using the application. Mixpanel is used to understand and improve activities within the app.
Further information on the Mixpanel data protection declaration can be found under the following link: https://mixpanel.com/privacy/
. You can exclude tracking by Mixpanel here: https://mixpanel.com/optout/
In addition, the usage analysis technology “adjust.io” is used for the Mimi App. This is a service offered by Adjust GmbH, Saarbrücker Str. 38a, 10405 Berlin (“Adjust”). When the user opens the application, Adjust collects installation and event data, for example “App opened” or “Account opened” including the IP address of the user, which is pseudonymised with the help of the “hash values”. Mimi Hearing uses this information to understand how the user interacts with the app and to analyse mobile advertising campaigns.
In addition to the disclosures for the purposes identified before, we may disclose information about you:
- if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights; and
- in case we sell, license or otherwise assign our company, corporate rights, Mimi or its separate parts or features to third parties.
Mimi Hearing Technology GmbH has authorized Beijing Jiayou Trading Co., Ltd. to distribute and operate the Android Hearing Test application in mainland China.
Except as provided in this privacy notice, we will not sell, share or rent your information to third parties.
5. Your rights
To maintain control of your personal data, you may exercise certain rights regarding your information. In particular, you have the right to:
- Object to the processing of your information. If we process your information in our legitimate interests, e.g., for our marketing purposes, you can object against it. We will consider your request and, if there are no compelling interests to refuse it, stop the processing for such purposes;
- Access your information. You have the right to know if we process your information; obtain disclosure regarding certain aspects of the processing; and obtain a copy of the information undergoing processing.
- Verify your information and seek its rectification. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;
- Restrict the processing of your information. When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will not process the information for any purpose other than storing it until the circumstances of restriction cease to exist;
- Ask us to delete/destroy/otherwise remove your information. If we are not obliged to keep the data for legal compliance, we will remove your information upon your request; and
- Ask us to transfer your information to another organisation if we process the information based on your consent or on the necessity to perform the contract. You can complete the request to exercise your right by contacting us at firstname.lastname@example.org If you believe that our use of personal information violates your rights, you can lodge a complaint with the competent data protection authority.
6. Security of Information
We take necessary and sufficient measures to protect your information from unauthorised or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. Internally, immediate access to the data is only allowed to our authorised employees involved in maintaining our website, Mimi App, and SDK, and conducting other processing activities. Those employees include our backend software developer and research employees, as well as our safety officer. Such employees keep strict confidentiality and prevent unauthorised third-party access to personal information.
Our Website may contain links to third-party services and platforms, including those posted by our partners and affiliate companies. Although we choose our partners thoroughly and diligently, we cannot be responsible for the content, terms and conditions or privacy policies of third-party services.
When showing a video on our website to you, our website uses plugins from YouTube and Vimeo.
Youtube is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
You can find more information on handling user data in YouTube’s privacy notice: https://www.google.de/intl/de/policies/privacy
The provider of Vimeo video portal is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages equipped with a Vimeo plug-in, a connection to the Vimeo servers is established. The Vimeo server is informed which of our pages you have visited. Vimeo will also obtain your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information recorded by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. Further information on the handling of user data can be found in Vimeo’s privacy notice: https://vimeo.com/privacy
Third-party websites may contain their own cookies. We are not responsible for their usage of cookies.
7. Changes to This Notice
We may update this privacy notice from time-to-time by posting a new version on our website. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes. If you want to permanently terminate your Account, please contact us at email@example.com
, and we will process it within 3 business days.